You have 500 azure virtual machines that run windows

This preview shows page 148 - 151 out of 208 pages.

You have 500 Azure virtual machines that run Windows Server 2016 and are enrolled in LAW1.You plan to add the System Update Assessment solution to LAW1.You need to ensure that System Update Assessment-related logs are uploaded to LAW1 from 100 of thevirtual machines only.Which three actions should you perform in sequence? To answer, move the appropriate actions from the list ofactions to the answer area and arrange them in the correct order.Select and Place:
07B13F58239056B81577933EB624485BCorrect Answer:Section: (none)ExplanationExplanation/Reference:Reference:QUESTION 9You have an Azure subscription named Sub1 that contains the virtual machines shown in the following table.You need to ensure that the virtual machines in RG1 have the Remote Desktop port closed until an authorizeduser requests access.What should you configure?
07B13F58239056B81577933EB624485BA.Azure Active Directory (Azure AD) Privileged Identity Management (PIM)B.an application security groupC.Azure Active Directory (Azure AD) conditional accessD.just in time (JIT) VM accessCorrect Answer:DSection: (none)ExplanationExplanation/Reference:Explanation:Just-in-time (JIT) virtual machine (VM) access can be used to lock down inbound traffic to your Azure VMs,reducing exposure to attacks while providing easy access to connect to VMs when needed.Note: When just-in-time is enabled, Security Center locks down inbound traffic to your Azure VMs by creatingan NSG rule. You select the ports on the VM to which inbound traffic will be locked down. These ports arecontrolled by the just-in-time solution.When a user requests access to a VM, Security Center checks that the user has Role-Based Access Control(RBAC) permissions that permit them to successfully request access to a VM. If the request is approved,Security Center automatically configures the Network Security Groups (NSGs) and Azure Firewall to allowinbound traffic to the selected ports and requested source IP addresses or ranges, for the amount of time thatwas specified. After the time has expired, Security Center restores the NSGs to their previous states. Thoseconnections that are already established are not being interrupted, however.Reference:QUESTION 10You are troubleshooting a security issue for an Azure Storage account.You enable the diagnostic logs for the storage account.What should you use to retrieve the diagnostics logs?A.the Security & Compliance admin centerB.SQL query editor in AzureC.File Explorer in WindowsD. AzCopyCorrect Answer:DSection: (none)ExplanationExplanation/Reference:References:2fblobs%2ftoc.jsonQUESTION 11HOTSPOTYou are configuring just in time (JIT) VM access to a set of Azure virtual machines.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 208 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
NoProfessor
Tags
Azure, Azure Active

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture